package com.offcn.oauth.token;



import com.alibaba.fastjson.JSON;
import org.bouncycastle.util.encoders.Base64Encoder;
import org.junit.Test;
import org.springframework.core.io.ClassPathResource;
import org.springframework.security.jwt.Jwt;
import org.springframework.security.jwt.JwtHelper;
import org.springframework.security.jwt.crypto.sign.RsaSigner;
import org.springframework.security.jwt.crypto.sign.RsaVerifier;
import org.springframework.security.oauth2.provider.token.store.KeyStoreKeyFactory;

import java.security.KeyPair;
import java.security.PublicKey;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.util.HashMap;
import java.util.Map;

/**
 * 通过私钥生成令牌 通过公钥解析令牌
 */
public class JwtTokenByKeyPair {

    @Test
    public void testCreateToken(){
        // 证书的路径
        String key_location = "dongyimai.jks";
        // 秘钥库的密码
        String key_password = "dongyimai";
        // 解析文件的密码
        String keypwd = "dongyimai";
        // 别名
        String alias = "dongyimai";
        
        // 加载证书
        ClassPathResource resource = new ClassPathResource(key_location);
        
        // 创建秘钥工厂
        KeyStoreKeyFactory keyFactory = new KeyStoreKeyFactory(resource, key_password.toCharArray());
        
        // 读取秘钥对 （公钥 和 私钥）
        KeyPair keyPair = keyFactory.getKeyPair(alias, keypwd.toCharArray());
        
        // 获取公钥
        RSAPublicKey publicKey = (RSAPublicKey)keyPair.getPublic();

        // 获取私钥
        RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();

        // 定义存储的内容 载荷
        Map<String, Object> map = new HashMap<>();
        map.put("id","123");
        map.put("name","offcn");
        map.put("role","ROLE_USER");

        String str = JSON.toJSONString(map);

        // 签名需要通过私钥
        Jwt token = JwtHelper.encode(str, new RsaSigner(privateKey));

        System.out.println(token.getEncoded());

    }

    @Test
    public void testParseToken(){
        // 令牌
        String token = "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2NDY4MzI1MTIsInVzZXJfbmFtZSI6InhpYW9iYWkiLCJhdXRob3JpdGllcyI6WyJVU0VSIl0sImp0aSI6ImM3MmNhYmM1LTE3MzgtNDk2My1iYTJmLTk5NGUxNDgyNWVjOSIsImNsaWVudF9pZCI6ImRvbmd5aW1haSIsInNjb3BlIjpbImFwcCIsInNlcnZlciJdfQ.cqC3Fnze1kI44M_yRQS2jHb6DYQoU6zq9HPNgcHMAp3yTBkjA85stkzmU_mZfvfaCv_8yk-FDlQ7BLloiUr7oOpXuwDXUmv1eQhHRPv0pVFRF5jeJbeODX0kijEUesBz0RKPCNvLitgful0M4dLSMnq6J3Nw3BAbFuT7pkGWHH0pJdXGWjGzWPmaWgRKs3-fS-XjgIBNINdGhNC1cs12uemhOB6B7vw1Wxj7J6XYRRfkVgTCAkOe9qDd5zWO_6RmR052w2gwN0f2j2w6ScPa-1DUx7bml0l3DIRMziBOkSx1mOJAIKYuR1yWJaoM0X7GNe7UBGSl-_VpHyvIXxxjLA";
        // 公钥
        String publicKey = "-----BEGIN PUBLIC KEY-----MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRn5Wk7I6E9Qb9Qd+0l4H0IjZxF5fUGEWBOEwdTftP4Ex6a0hzqp2d0HLv73iM1LU2lItADNzbYp+tk591q1nw28D6ZoHMt/QAcQLjWoSVq4+3jdNdOhHN256r6u27MMuP83IZPSdFl6fOmofoHijkn+SJlhb/95+WW5r2LPU1asJWVh6YqJ1S84+BbcY5K0pCs70OZuSJ47PUbFIJBFqpNK+sIRPTHXVZ/xFG5VrQzCM8QG/QWfFtB4pixNWOd+Um3S2sNX/MDJOqn7NQp62THZzlQGUepR2bSDf5jPYv1YO3z6TF+XkZBhcJxoBWlEZqBgCkNEzh+6GRqgNoN5rwIDAQAB-----END PUBLIC KEY-----";
        // 解析token
        Jwt jwt = JwtHelper.decodeAndVerify(token, new RsaVerifier(publicKey));
        // 查看解析之后的内容
        String claims = jwt.getClaims();

        System.out.println(claims);

    }
    
}
